package com.boxuegu.websecurity.bbs.controller;

import com.boxuegu.websecurity.bbs.service.MessageService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.util.List;

/**
 * 保留留言后台系统
 *
 * @author Jam Fang  https://www.jianshu.com/u/0977ede560d4
 * @version 创建时间：2019.10.8 17:39
 */

@Controller
@RequestMapping("/admin")
public class AdminController {
    @Autowired
    private MessageService messageService;

    /**
     * 后台主界面
     *
     * @param map
     * @return
     */
    @RequestMapping({"/", "/index", "/main"})
    public String index(ModelMap map) {
        boolean isLogin = validateLogin();
        if (isLogin) {
            map.addAttribute("userName", getLoginUserName());
            List messageList = messageService.getMessageList();
            map.addAttribute("list", messageList);
            return "admin/main";
        } else {
            return "admin/login";
        }
    }

    /**
     * 后台登录页面
     *
     * @return
     */
    @GetMapping("/login")
    public String login() {
        return "admin/login";
    }

    /**
     * 退出
     *
     * @param request
     * @return
     */
    @GetMapping("/logout")
    public String logout(HttpServletRequest request) {
        request.getSession().invalidate();
        return "admin/login";
    }

    /**
     * 后台登录提交
     *
     * @param userName
     * @param password
     * @param request
     * @return
     */
    @PostMapping("/login")
    public String postLogin(String userName, String password, HttpServletRequest request) {
        System.out.println(userName + "\t" + password);
        //只是密码的简单判断，哈哈。当然也可以连数据判断
        if ("admin".equals(userName) && "qweasd".equals(password)) {
            request.getSession().setAttribute("isLogin", true);
            request.getSession().setAttribute("userName", userName);
            //先添加到session,在跳转
            return "redirect:/admin/main";
        } else {
            return "admin/login";
        }
    }

    /**
     * 删除留言
     *
     * @param id
     * @return
     */
    @GetMapping("/delete")
    public String delete(@NotNull Integer id) {
        messageService.deleteByPrimaryKey(id);
        return "redirect:/admin/main";
    }


    /**
     * 登录校验
     *
     * @return
     */
    private boolean validateLogin() {
        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
        HttpSession session = request.getSession();
        Object isLogin = session.getAttribute("isLogin");
        if (isLogin == null || (boolean) isLogin == false) {
            return false;
        }
        return true;
    }

    /**
     * 获取登录用户名
     *
     * @return
     */
    private String getLoginUserName() {
        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
        HttpSession session = request.getSession();
        Object userName = session.getAttribute("userName");
        if (userName == null) {
            return "";
        }
        return (String) userName;
    }

}
